summaryrefslogtreecommitdiff
path: root/lib/Travelynx/Controller
diff options
context:
space:
mode:
authorBirte Kristina Friesel <derf@finalrewind.org>2023-08-07 21:17:10 +0200
committerBirte Kristina Friesel <derf@finalrewind.org>2023-08-07 21:17:10 +0200
commit52c0da3f4621925ead2446669982ef32c42d8be8 (patch)
treee7040cf823cd74d74509367a2ffa46e5d1230623 /lib/Travelynx/Controller
parent22627ce851f718df771e3c05d3298873be5f594e (diff)
Traewelling: replace legacy password login with OAuth2
This is a breaking change insofar as that traewelling support is no longer provided automatically, but must be enabled by providing a traewelling.de application ID and secret in travelynx.conf. However, as traewelling.de password login is deprecated and wil soon be disabled, travelynx would break either way. So we might or might not see travelynx 2.0.0 in the next days. Automatic token refresh is still todo, but that was the case for password login as well. Closes #64
Diffstat (limited to 'lib/Travelynx/Controller')
-rw-r--r--lib/Travelynx/Controller/Traewelling.pm90
1 files changed, 59 insertions, 31 deletions
diff --git a/lib/Travelynx/Controller/Traewelling.pm b/lib/Travelynx/Controller/Traewelling.pm
index 4c6bc64..e14872d 100644
--- a/lib/Travelynx/Controller/Traewelling.pm
+++ b/lib/Travelynx/Controller/Traewelling.pm
@@ -6,11 +6,9 @@ package Travelynx::Controller::Traewelling;
use Mojo::Base 'Mojolicious::Controller';
use Mojo::Promise;
-sub settings {
+sub oauth {
my ($self) = @_;
- my $uid = $self->current_user->{id};
-
if ( $self->param('action')
and $self->validation->csrf_protect->has_error('csrf_token') )
{
@@ -22,38 +20,68 @@ sub settings {
return;
}
- if ( $self->param('action') and $self->param('action') eq 'login' ) {
- my $email = $self->param('email');
- my $password = $self->param('password');
- $self->render_later;
- $self->traewelling_api->login_p(
- uid => $uid,
- email => $email,
- password => $password
- )->then(
- sub {
- my $traewelling = $self->traewelling->get( uid => $uid );
- $self->param( sync_source => 'none' );
- $self->render(
- 'traewelling',
- traewelling => $traewelling,
- new_traewelling => 1,
- );
+ $self->render_later;
+
+ my $oa = $self->config->{traewelling}{oauth};
+
+ return $self->oauth2->get_token_p(
+ traewelling => { scope => 'read-statuses write-statuses' } )->then(
+ sub {
+ my ($provider) = @_;
+ if ( not defined $provider ) {
+
+ # OAuth2 plugin performed a redirect, no need to render
+ return;
}
- )->catch(
- sub {
- my ($err) = @_;
- $self->render(
- 'traewelling',
- traewelling => {},
- new_traewelling => 1,
- login_error => $err,
- );
+ if ( not $provider or not $provider->{access_token} ) {
+ $self->flash( new_traewelling => 1 );
+ $self->flash( login_error => 'no token received' );
+ $self->redirect_to('/account/traewelling');
+ return;
}
- )->wait;
+ my $uid = $self->current_user->{id};
+ my $token = $provider->{access_token};
+ $self->traewelling->link(
+ uid => $self->current_user->{id},
+ token => $provider->{access_token},
+ expires_in => $provider->{expires_in},
+ );
+ return $self->traewelling_api->get_user_p( $uid, $token )->then(
+ sub {
+ $self->flash( new_traewelling => 1 );
+ $self->redirect_to('/account/traewelling');
+ }
+ );
+ }
+ )->catch(
+ sub {
+ my ($err) = @_;
+ say "error $err";
+ $self->flash( new_traewelling => 1 );
+ $self->flash( login_error => $err );
+ $self->redirect_to('/account/traewelling');
+ return;
+ }
+ );
+}
+
+sub settings {
+ my ($self) = @_;
+
+ my $uid = $self->current_user->{id};
+
+ if ( $self->param('action')
+ and $self->validation->csrf_protect->has_error('csrf_token') )
+ {
+ $self->render(
+ 'bad_request',
+ csrf => 1,
+ status => 400
+ );
return;
}
- elsif ( $self->param('action') and $self->param('action') eq 'logout' ) {
+
+ if ( $self->param('action') and $self->param('action') eq 'logout' ) {
$self->render_later;
my $traewelling = $self->traewelling->get( uid => $uid );
$self->traewelling_api->logout_p(